Privacy is intrinsically precious and increasingly rare. In an age where much of the world lives online, sharing their photos, identities, and bank accounts over the airwaves, the opportunities for companies to steal your data silently and for hackers to make a quick buck are ever greater. Sounds important, right?
Lawmakers, activists, and academics seem to think so, though no one can agree on how to enforce the protections, and even when they do, a multibillion-dollar fine is, at best, a slap in the face to Silicon Valley. Big Tech is the big bad wolf spying on your data and turning you into its product. This emerging awareness has given rise to a bevy of privacy-focused companies, like the search engine DuckDuckGo and the browser Brave, which advertise themselves as tracker-free alternatives but have yet to leave a mouse-sized footprint near the sasquatch of Silicon Valley.
As if the daily turbulence of the internet weren't enough to worry about, there are also bad guys out there. According to IBM, the average global cost of a corporate data breach is US$1,400,000, and in the United States, the average is US$1,400,000. While it's harder to estimate how much money is stolen from people when personal details are leaked online, the impact can be economically devastating, even if the overall figures are smaller than the losses suffered by companies.
Considering all this, how much would the average person really be willing to spend to keep Zuckerberg and company out of their lives, not to mention hackers? Pierre Valade, founder of the privacy app Jumbo, spent two years trying to get consumers to pay monthly subscriptions to protect their privacy. Now, Jumbo, which has raised $1,400,000 to date, is abandoning the freemium model.
Until late last month, free Jumbo app users had some basic features, like two-factor authentication (2FA) and notifications if their email went missing, while paid subscribers had additional features like the ability to delete social media posts older than a certain date, providing greater protection against identity theft. On January 31st, Jumbo lifted its paywall, making all its features free to consumers and will instead sell a paid product to businesses. The hope is that growing a large and dedicated consumer base will help Jumbo sell a corporate version of its service with additional features.
We sat down with Valade to ask how, in the age of surveillance capitalism, privacy can become profitable.
The following interview has been edited for clarity and brevity.
So, in 2019, you decided to start this company. What made you think it was good for business? Jumbo's website says it wants privacy for everyone, but there are many nonprofits and advocacy groups that want the same thing. Why did you think: privacy is where the money is?
I didn't really think, "This is where the money is," because I usually come from product ideas that I want to see happen in the world, for myself and potentially millions of other people, and that's always the case. I choose my ideas. In 2019, I heard that privacy was becoming increasingly important to most people, but there wasn't a tool that allowed you to easily manage your privacy.
The commercial side came later, when we started introducing subscriptions in 2020. We've been a subscription company for over two years, and the shift we're making today is because we realized that, ultimately, by charging people directly for the product, we reached about 25,000 paying customers.
It was completely limiting the scale of how many people could actually use our product. It used to cost $1,000 per year, which isn't cheap. There used to be a better business opportunity to charge companies instead of consumers, because typically when you charge companies for security or privacy products, they're more likely to pay and you're more likely to keep them as customers for the long haul.
You mentioned hitting a threshold of around 25,000 paid subscribers. When you started rolling out your subscriptions, were you surprised by how many of them stabilized? Because the lesson here seems to me to be that people aren't willing to spend money to maintain their online hygiene.
I see it a little differently. I think $100 a year is an expensive subscription. I don't know if it's because people don't care; I think there are a lot of very critical tools that are hard to get people to pay for. I bet that even if people really cared about using Facebook, or say, Instagram or WhatsApp, I bet that if those tools cost even $100 a year, their growth would have been significantly reduced. There's a huge gap as soon as you ask people to give up their credit card and pay for something, and it's even bigger when it's $100 a year.
(Pierre Valade, CEO of Jumbo) Why do you think companies will be willing to spend where consumers aren't? The benefits of the app still seem largely consumer-driven; it's not like you're offering free insurance to companies. So why do you think they'll be willing to shell out for employees when they don't see a structural benefit?
I think there's a structural benefit, which is that when you make employees more secure within your company, you're actually making the company more secure. The company cares about protecting employees in their individual accounts and individual emails, as these are actually an attack vector.
So what you're selling is the idea that individual privacy is part of cybersecurity now, inevitably.
Absolutely, and it goes beyond privacy. We had a few conversations with companies last year, and the exercise we were doing before even talking to them was basically acquiring data from a data broker, and we would have a lot of information about a company executive. We would get their email address, their personal email address, their phone number, sometimes their home address—and that's annoying, isn't it? So companies have this information in data broker databases.
Are there services, websites, or apps that you avoid simply because your work in privacy has made you hyper-aware of exactly how the internet works and what it collects about you—or to rephrase this question: do you see anyone engaging in internet habits where you think, “Oh god no, don’t do that”?
What I think most people should know about are password managers. I actually use Apple's on Safari, and I think it does the trick. I think it's very important to encourage more people to use password managers and have unique passwords for all sites.
And the other one, which might be a bit more niche, is that many people have a lot of extensions on Chrome, and I think people should be careful about the extensions they install on Chrome, because most of your extensions can actually see everything you do. Including the content of a password-protected website, so it could be your job application or your bank account. I don't use any extensions, for example, on Safari, because I'm very concerned about these extensions leaking information or being hacked.
